Thanks for any help anybody can offer in advance. I'm setting up
a small LAN for a small company, and have found my understanding
of how a ethernet will operate in a few circumstances somewhat
lacking, specifically in how forwarding and routing work.
So, a diagram:
internet <--> ADSL modem <--> linux machine <--> * LAN *
Now, we have enough IP's for the Linux machine and all the computers
on the LAN. My question is, how exactly is this accomplished? By this
I mean, the above diagram assumes to ethernet interfaces. 1 for the
incoming ADSL modem 10baseT connection, and one going out to the LAN.
However, this doesn't exactly make sense to me, if both the Linux
machine and LAN are operating on the same subnet.
If both the LAN and Linux machine are on the same subnet, it seems
the diagram looks more like:
internet <--> ADSL modem <--> hub
Obviously, this changes what the diagram and intuitive flow of
network traffic would be. The LAN traffic no longer needs to go
through the Linux machine to access internet resources.
I guess, if anyone else can understand what I mean like this, I'm
asking how routing happens from the internet -> LAN. From the
LAN -> internet you use "route" to establish default gateways and
routing paths...which I know how to do. In a sense, I'm asking for
the other side of the coin.
Am I correct to assume that for Linux to act as a forwarding box
(actually, a firewall is what eventually I'll be doing, but I
know how to accomplish that once Linux is correctly positioned on
the LAN), I need 2 ethernet interfaces in the Linux machine? If
that's so, I have conceptually no clue about how to handle the
internet -> LAN routing.
1) Could I assign the Linux machine an address of 192.168.1.1
for the ADSL input line (eth0), and then set up static routing tables
on the Linux machine to point packets for say 207.228.110.x (just
and example) to eth1?
2) routed/gated? Never used them, would love to get an overview
of their application, and how they make this solution doable?
In the end, what I'd like this network to look like is this:
Private LAN of 25 computers, using IP Masq
on the Linux Firewall to access the Internet
internet <--> ADSL <--> Linux Firewall/Gateway/Router
| | | | |
LAN of 5 computers, using public
IP's that we purchase. Access
allowed to anyone on the internet,
but firewalled for security by
the Linux machine. (Serving WWW,
Just some questions about this configuration... as far as I can
tell, it requires 3 ethernet cards in 1 Linux machine. Our ADSL
line will be 7Mbit/s... can a standard PC with 3 ethernet
cards handle the load? Can 3 ethernet cards be put into one
machine? Does anybody have any experience with quality ethernet
cards used in a similar fashion, or would 3 generic ISA NE2000
be able to handle the load?
Thank you very much for any help, I really appreciate it. Any
pointers to documentation would be much appreciated.. I've checked
Firewall-HOWTO and NET-2-HOWTO and so I know that forwarding can
be done. It's not so much the specific technicals I need, so much
as the conceptual overview.